I got an email the other day from someone who has apparently built a analysis tool for Rails apps.
He claims (and I have no idea whether this is true, I present this purely as a question) that a very old project of mine still hosted on GitHub, allows execution because controllers do not “return” at the end of each action. According to him, a redirect_to does not halt processing and can somehow people “executing” code.
Has anyone else heard of this or received a similar message? I’m mainly because if it’s true, it would mean revising how I personally write apps, and also how 99% of tutorials/guides are written I would think.
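
The behaviour the email describes, as an added example that is not part of the original post: in Rails, `redirect_to` is an ordinary method call that sets the response, so the rest of the action still runs unless the action returns. The sketch below is a plain-Ruby stand-in, not Rails code; `FakeController`, `run_action` and the two `destroy_*` actions are hypothetical names chosen for illustration.

```ruby
# Minimal stand-in for a Rails controller (hypothetical, not ActionController).
# It models one fact: redirect_to only records a response. It is an ordinary
# method call and does not stop the action method from running.
class FakeController
  attr_reader :status, :location, :deleted

  def initialize(logged_in:)
    @logged_in = logged_in
    @deleted = []          # records the side effects of the action
  end

  def redirect_to(path)
    @status = 302
    @location = path
    true                   # truthy, so "redirect_to(...) and return" works
  end

  # Pattern described in the post: the guard redirects, nothing halts the action.
  def destroy_unguarded(id)
    redirect_to("/login") unless @logged_in
    @deleted << id         # still runs for an anonymous request
  end

  # Hardened form: "and return" leaves the action right after the redirect.
  def destroy_guarded(id)
    redirect_to("/login") and return unless @logged_in
    @deleted << id
  end
end

# Runs one action with a constructed record id and reports what happened.
def run_action(action, logged_in:)
  c = FakeController.new(logged_in: logged_in)
  c.public_send(action, 42)
  { status: c.status, location: c.location, deleted: c.deleted }
end

if __FILE__ == $PROGRAM_NAME
  p run_action(:destroy_unguarded, logged_in: false)
  p run_action(:destroy_guarded, logged_in: false)
  p run_action(:destroy_guarded, logged_in: true)
end
```

The client in the unguarded case receives only the 302, so the side effect is invisible from the browser; reviewing actions for code that follows a `redirect_to` or `render` without a `return` is the check to make.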